cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
LN
Calcite | Level 5 LN
Calcite | Level 5
Go to Solution

SSL certificate renewal for sas 9.4 webserver

Posted 03-15-2016 04:43 PM (12879 views)

Hi

 

In order to renew the certificate, i created the csr file and received .pem file which i replaced with the original file. Now what else do i need to do. Becuase the certificate resides on my VA server. I restarted the VA server. But now my both my VA servers are not starting. What did I miss?

 

The error message is:

SUCCESS (SASJob PreCode)

SUCCESS (Store Process ID)

ERRORS (Start Server)

----------------------------------------------

ERROR: Unable to register LASR server with authentication service.

ERROR: Libref ML is not assigned.

ERROR: Error in the LIBNAME statement.

 

Thank you for the guidance

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions
JuanS_OCS
Amethyst | Level 16 JuanS_OCS
Amethyst | Level 16

Re: SSL certificate renewal for sas 9.4 webserver

Posted 03-16-2016 05:58 PM (14658 views)  |   In reply to LN

Hi,

 

Shall we understand you have SAS 9.4? Which maintenance? Do you have https/certificates only on the SAS web server or in the SAS Application server too? 

 

Anyway, please let me provide you an answer sticking for now just to the basics: https/certificate only on the web seever.

 

1- when you have the new certificate, please ensure that the key is the same. If you have a certificate chain file this will need to be updated too : http://support.sas.com/documentation/cdl/en/bimtag/68217/HTML/default/viewer.htm#n0nakjyj6hlqmvn11p9...

2- when you have the files, update them on the SAS Web Server as mentioned on the above link.

3- restart only the web browser

4- validate that it works fine and is validated trough a web browser.

5- when is valid, you will need to import the new chain in the private Java keystore , also as on the same link 

6- restart your SAS middle tier services.

7- if you can validate you SAS content server from the management console it should be ready for LASR too.

 

Now, not all is finished. If you use or plan to use the SAS Environment Manager, there is. At least one additional step, to add the certificate chain into the SAS environment Manager private java keystore, as mentioned on: http://documentation.sas.com/?cdcId=pgmsascdc&cdcVersion=9.4_3.3&docsetId=secref&docsetTarget=n12033...

 

Remember, you will most probably need or want to update the certificate on the server level too (if windows) and in the clients' web browsers.

 

Post Edited in 2018-03-17 to include Greg's update for the second link. Thank you @gregraka!

View solution in original post

4 REPLIES 4
JuanS_OCS
Amethyst | Level 16 JuanS_OCS
Amethyst | Level 16

Re: SSL certificate renewal for sas 9.4 webserver

Posted 03-16-2016 05:58 PM (14659 views)  |   In reply to LN

Hi,

 

Shall we understand you have SAS 9.4? Which maintenance? Do you have https/certificates only on the SAS web server or in the SAS Application server too? 

 

Anyway, please let me provide you an answer sticking for now just to the basics: https/certificate only on the web seever.

 

1- when you have the new certificate, please ensure that the key is the same. If you have a certificate chain file this will need to be updated too : http://support.sas.com/documentation/cdl/en/bimtag/68217/HTML/default/viewer.htm#n0nakjyj6hlqmvn11p9...

2- when you have the files, update them on the SAS Web Server as mentioned on the above link.

3- restart only the web browser

4- validate that it works fine and is validated trough a web browser.

5- when is valid, you will need to import the new chain in the private Java keystore , also as on the same link 

6- restart your SAS middle tier services.

7- if you can validate you SAS content server from the management console it should be ready for LASR too.

 

Now, not all is finished. If you use or plan to use the SAS Environment Manager, there is. At least one additional step, to add the certificate chain into the SAS environment Manager private java keystore, as mentioned on: http://documentation.sas.com/?cdcId=pgmsascdc&cdcVersion=9.4_3.3&docsetId=secref&docsetTarget=n12033...

 

Remember, you will most probably need or want to update the certificate on the server level too (if windows) and in the clients' web browsers.

 

Post Edited in 2018-03-17 to include Greg's update for the second link. Thank you @gregraka!

LN
Calcite | Level 5 LN
Calcite | Level 5

Re: SSL certificate renewal for sas 9.4 webserver

Posted 03-16-2016 06:14 PM (12857 views)  |   In reply to JuanS_OCS
Hi Juan,

Thank you for the reply. The first link is not working. Could you please send it again.

Thank you
0 Likes
JuanS_OCS
Amethyst | Level 16 JuanS_OCS
Amethyst | Level 16

Re: SSL certificate renewal for sas 9.4 webserver

Posted 03-16-2016 06:31 PM (12851 views)  |   In reply to LN

Hi, please try again, I removed the extra ")." Characters from the link on my post.

Otherwise, there you are:

 

http://support.sas.com/documentation/cdl/en/bimtag/68217/HTML/default/viewer.htm#n0nakjyj6hlqmvn11p9...

 

0 Likes
gregraka
SAS Employee gregraka
SAS Employee

Re: SSL certificate renewal for sas 9.4 webserver

Posted 03-16-2018 03:35 PM (10441 views)  |   In reply to JuanS_OCS

Hi,

 

The second link in Juan's post, no longer works.

 

In November of 2016, this TLS certificates information was moved from the installation guide to another guide.

 

Please use the following link to locate this information:

 

http://documentation.sas.com/?cdcId=pgmsascdc&cdcVersion=9.4_3.3&docsetId=secref&docsetTarget=n12033...

 

Regards,

--Greg Rakauskas

Sr. Technical Writer, SAS

 

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Watch CLI in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 4 replies
  • ‎03-15-2016 04:43 PM
  • 12880 views
  • 2 likes
  • 3 in conversation